Ever since cPanel / WHM added Auto-SSL, I’ve been SSL’ing the crap out of things. I’ve got this method called “close your eyes and click” and it seems to work just fine.

SSL is also a Google ranking signal. It is one of the few ranking signals Google has been fully transparent about, so I’m gonna go ahead and say its important. Some also theorize that Google (amongst other big boys on the web) are going to eventually require / demand all sites be SSL/HTTPS. So why not.

In most cases, you can have your site HTTPS / SSL ready in about 5 minutes, depending on what kind of site you have and how big it is.

So here is what I did to make this site SSL without errors. I suppose the prerequisite if you are following this guide would be:

having knowledge of servers / Linux

being able to edit code

WordPress

WHM / cPanel

AutoSSL enabled in WHM

With that said, here we go:

Step 1: Log into WHM, navigate to “Manage AutoSSL” then go to “manage users” and enable for the user / account you want to enable SSL on. Once this is done, it’ll run a cron job and you are now officially SSL / HTTPS ready.

Step 2: Next log into the backend of your WordPress website and change the WordPress address URL and site address URL to https:// you might get logged out at this point, just log back in. Some things might look funny at this point,and you’ll prob have a few SSL errors, so don’t freak out…yet.

Step 3: for Apache users, force SSL via .htaccess. I grabbed this code from somewhere on the web, there are a few different ways to do this.

Step 4: you are going to want to do a find and replace of your database to replace any instance of http:// (your site, not all sites) with https version. I’m a big fan of interconnect’s tool but you can use a plugin, the command line, or phpMyadmin. Depending on your theme, WordPress version, plugins, and a few other factors doing a DB find and replace may or may not find all instances of http:// in your database. In my case it didn’t, so I had to do a little manual editing.

Step 5: Start viewing your source code within your web browser and look for things you missed. Do a Ctrl +F “http://example.com” (or www version don’t forget). Start going through and manually replacing http:// with https://. If you’ve got a ton of these it might be worth it to transfer your code to the text editor of your choice (I like Notepad++) and do a find and replace.

In my case there were only two things that I missed. The first one was the custom JSON-LD schema I had added in the header, which I added via the SEO ultimate plugin:

The other thing I missed was a custom menu item I had added which was still as http.

I am going to keep an eye on the SERP’s to see how they fluctuate, as of Wednesday August 2, 2017 around 6pm EST I added the site to Google Search Console, so let’s see how long it takes to switch out in the SERP’s.

August 3rd 3pm (18 hours later) Google is already indexing the https version of the website! Horrray!

If you have any questions, advice, or see anything I missed, let me know!